In the wake of high-profile cyber attacks, leadership teams often think, “Could it happen to us?” Boards and senior business leaders should instead ask themselves, “Are we ready to respond to a cyber attack?”
This article from McKinsey examines how cyber crisis tabletop exercises or “war games” help organisations identify different risk scenarios and prepare for cyber attacks. An ill-thought-out response to an attack can wreak more havoc than the attack itself. Whether the fallout is customers cancelling subscriptions or the loss of your clients’ trust, the impact of a cyber incident can depend on your organisation’s preparedness.
What are cyber war games?
The term “war game” comes from the military, which has long conducted simulated war scenarios to test its capabilities, find gaps in its plans, ensure readiness for an attack, and test its leadership’s decision-making abilities.
Cyber war games are no different, at least in terms of the desired outcome. The difference is that cyber tabletop exercises take place in a meeting room and focus on what could happen in the event of a cyber attack.
A cyber tabletop exercise is structured to simulate the experience of a real cyber attack on your business. The simulation involves participants from across a business, including leadership representatives from information security, technology infrastructure, customer care, operations, marketing, legal, and corporate communications. These exercises help identify where the vulnerabilities in your systems are, what is most valuable to your business and how teams can collaborate in the event of an attack.
Cyber war games yield insights into information assets that require protection, security vulnerabilities that attackers can exploit, and flaws in a corporation’s ability to respond to an attack (Figure 1).
Tabletop exercises can help you answer four key questions:
- Will the security team identify and assess the breach quickly?
- Will the team make effective decisions in containing the breach?
- Will the team effectively communicate the breach to the full set of stakeholders?
- Can the company adjust business strategies and tactics in the wake of a breach?
Why does this matter for businesses?
Practising attack scenarios with your leadership team may be the difference between surviving a real-life cyber attack and succumbing to one.
The insights drawn from a cyber tabletop exercise will help leadership teams identify key assets that require protection, security vulnerabilities that attackers can exploit and flaws in a corporation’s ability to respond to, withstand and adapt to an attack.